Bank of Moscow completed automation of an access control system in the IC

On February 11, 2015 it became known of creation in Bank of Moscow of a complex IdM-system for management of access rights on R2 Oracle Identity Governance 11g platform. The Jet Infosystems company worked as the contractor of the project.

Project Progress

The first stage of the project carries out the analysis of the processes of management of access operating in bank and production processes integrated to them. According to the results of optimization options are offered, approaches to automation of approval and providing access rights according to the role model developed by specialists of bank are developed.

Bank of Moscow, 2014

At head office of bank unrolled infrastructure of Oracle Identity Manager and integrated with the most critical information systems – the BOSS-PERSONNEL OFFICER HR system, Microsoft Active Directory and Microsoft Exchange that allowed to automate processes of employment, dismissal, transfer on a position. With the help of specially developed connectors connected the core banking system of M-Bank, processing Way4 platform to the centralized control system of access rights.

These actions implemented interrelation between the events which are taking place in a personnel system and the real business processes accepted in bank. There was an opportunity - from a uniform point of management to provide control of powers of each employee on the basis of his provision in an organization structure and job responsibilities. Time of issue of the minimum rights to the new employee – creation of an account in the Active Directory and a mailbox, is reduced to several minutes.

Project Results

According to the results of implementation time of providing access rights to employees to information systems of bank from several days was reduced to minutes, the amount of excess powers in the IC decreased and the effective instrument of control of the granted rights, investigations of incidents of information security is provided.

"The applied environment of bank includes about 150 information systems. At the first stage we selected the most critical systems of which the bulk of requests for providing access is the share. So about 15 thousand requests a month were the share of 5 main systems of bank during the most loaded periods. We also selected them for automation first of all as it gave to bank the greatest effect. It was important to us to reduce the volume of paper work on approval and time for providing access rights, to lower load of IT departments, to provide the high level of efficiency and transparency of management of requests, – Vasily Okulessky, the head of department of information security of department on security of Bank of Moscow told. – As one more premises for start of the project the problem of reduction of risk of cybersecurity, connected with processes of management of access rights served".

"The created system not only many times increases efficiency of business processes of bank, but also increases their transparency in terms of cybersecurity. First, risks of a negative impact of a human factor on process of management of access to the IC noticeably decrease. Secondly, the cybersecurity service "sees" process of management of powers on each specific employee as in the online-mode now, and is retrospective – what rights are issued to it what are withdrawn, the reasons of change of the rights. And it transfers possibilities of access control to information resources of Bank to essentially new level", – Dmitry Bondar, the development manager of IdM of Information Security Center of Jet Infosystems company emphasized.